Click-Jacking Protection
Learn how to protect your Umbraco site from clickjacking attacks using X-Frame-Options and security headers.
Checks if your site is allowed to be IFRAMEd by another site and thus would be susceptible to click-jacking.
How to fix this health check
This health check can be fixed by adding a header before the response is started.
Preferable you use a security library like NWebSec.
Adding Click-Jacking Protection using NWebSec
If you take a NuGet dependency on NWebsec.AspNetCore.Middleware/, you can use third extension methods on IApplicationBuilder
.
Adding Click-Jacking Protection using manual middleware
Avoid third-party library dependencies by using custom middleware added to the request pipeline.
Last updated